Computer security is fast becoming an important issue. With the proliferation of computers and computer networks into all aspects of business and daily life--financial, medical, education, government, and communications--the concern over secure file access and data communications is growing. One method of preventing unauthorized access to files is by using encryption and cipher techniques. These techniques convert data into other forms of data in a fashion that is reversible. Once encrypted, the data is unintelligible unless first decrypted. RSA, DES and CAST are known encryption techniques, which are currently believed to provide sufficient security for computer communications and files.
Each of these encryption techniques uses a cipher key. Such a key is crucial to the encryption/decryption process. Anyone with a correct key can access information that has previously been encrypted using that key. The entry of the key from the keyboard is impractical since such a key must be remembered by a user for entry and as such is liable to be discovered by an individual desiring access to existing encrypted files.
Further, there is great concern over communication of keys within commercial and governmental offices. It is common for users to inform others of their keys or to transfer their keys to others for use during holidays, sick days, or even as a reminder of the key should the user forget. Also, keys are often written down at the workstation in case a user should forget. Such written passwords undermine the security of many systems.
In DES encryption, the key is a numerical value, for example 56 bits in length. Such a key can be used to encrypt and subsequently to decrypt data. The security of the data once encrypted is sufficient that the key is required to access the data in an intelligible form. Thus the security of the data is related to the security of the key.
Some encryption systems use keys stored on the same device as the encrypted files. This is akin to storing a lock and its key in the same location. A knowledgeable user gaining access to the device could locate the key and access the data. Other encryption systems use keys stored on portable cards. Such a key is accessed via a password entered at the keyboard. Other users can take such a portable card and such a password can be discovered. The portable card is equally subject to transfer between employees and improper storage--at a user's desk.
In a fingerprint input transducer or sensor, the finger under investigation is usually pressed against a flat surface, such as a side of a glass plate, and the ridge and valley pattern of the finger tip is sensed by a sensing means such as an interrogating light beam.
Various optical devices are known which employ prisms upon which a finger whose print is to be identified is placed. The prism has a first surface upon which a finger is placed, a second surface disposed at an acute angle to the first surface through which the fingerprint is viewed and a third illumination surface through which light is directed into the prism. In some cases, the illumination surface is at an acute angle to the first surface, as seen for example, in U.S. Pat. Nos. 5,187,482 and 5,187,748. In other cases, the illumination surface is parallel to the first surface, as seen for example, in U.S. Pat. Nos. 5,109,427 and 5,233,404. Fingerprint identification devices of this nature are generally used to control the building-access or information-access of individuals to buildings, rooms, and devices such as computer terminals.
U.S. Pat. No. 4,353,056 in the name of Tsikos issued Oct. 5, 1982, discloses an alternative kind of fingerprint sensor that uses a capacitive sensing approach. The described sensor has a two dimensional, row and column, array of capacitors, each comprising a pair of spaced electrodes, carried in a sensing member and covered by an insulating film. The sensors rely upon deformation to the sensing member caused by a finger being placed thereon so as to vary locally the spacing between capacitor electrodes, according to the ridge/trough pattern of the fingerprint, and hence, the capacitance of the capacitors. In one arrangement, the capacitors of each column are connected in series with the columns of capacitors connected in parallel and a voltage is applied across the columns. In another arrangement, a voltage is applied to each individual capacitor in the array. Sensing in the respective two arrangements is accomplished by detecting the change of voltage distribution in the series connected capacitors or by measuring the voltage values of the individual capacitances resulting from local deformation. To achieve this, an individual connection is required from the detection circuit to each capacitor.
Portable fingerprint devices are known in the art. One such device is disclosed in U.S. Pat. No. 5,467,403 and relates to a portable imaging device for capturing fingerprint images and transmitting them to a central location for verification. Such a device is useful in an information gathering and identification process comprising a large central database of fingerprint information. It does not, however, address the current concern for personal privacy with regards to the fingerprint data. Further, such a system can only act to verify identification and thus restrict access from a central location. This requires communications, which are inherently unsecured.
One concern associated with remote fingerprint sensors relates to the transmission of information used for verification. Whereas a fingerprint is unique and cannot be easily duplicated, such is not the case for the electronic representation of the fingerprint. Knowledgeable individuals with incentive to gain access to a system can record such an electronic representation for use at a later time. In addition, the signal providing access may be recorded for later use thus circumventing a security system.
PCMCIA, an organisation comprised of hundreds of manufacturers of memory cards and related peripheral equipment, has established standards for peripheral and memory cards. PCMCIA cards enhance the capabilities of a computer by providing a standard hardware interface and standard software protocols. PCMCIA cards have been designed with memory, fax machines, modems, and disk drives. The standard connector size makes them compatible with many portable computers and the PCMCIA standard allows for easy installation and removal of cards. One such PCMCIA card that is disclosed in U.S. Pat. No. 5,468,952 is a bar code scanning device. Such a device provides convenience in portability as well as use.
The PCMCIA has established spatial standards for circuit boards intended to be used in portable computers. PCMCIA has developed a 68 pin memory card standard for three memory card types.
Type I Memory Cards are the same width and length as a common credit card, about 54 mm.times.85.6 mm, but are thicker than a credit card. The thickness of a Type I card is 3.3 mm.
Type II Memory Cards are used by those companies which are utilizing memory components that are too high to be housed within a Type I card. Type II Memory Cards are also the same overall length and width as credit cards, but have a raised body cross section in the substrate area which gives them an overall thickness of 5 mm. The raised substrate areas of these cards are 48 mm in width.
Type III Memory Cards are the result of a recent movement sponsored by the Small Form Factor Committee to enable 1. 8"Small Form Factor Disk Drives to be plugged into memory card connectors. Type III Memory Cards are the same length and width as Type I Memory Cards; however, Type III Memory Cards have a substrate area thickness of 10.5 mm. Also, Type III Memory Cards require card guide opening width of 51 mm on the header connector to accommodate the slightly wider raised substrate area.
Another type of card that is now commonly available and well known in the art is a Smart Card. The Smart card comprises a microprocessor, non-volatile storage and random access memory (RAM) all on a small portable card. The use of Smart Cards is increasing because they present a convenient method for providing software and a processor for executing same within a compact and portable device. For example, a smart card credit card can maintain balance information and update a balance when used. Since information is stored on the card and security functions for protecting the information are also on the smart card, the resulting card is temper resistant and also portable alleviating a need to electronically transmit information to each device requiring access to the information. As such, smart cards are known to be advantageous for numerous applications
Before the advent of computers and imaging devices, research was conducted into fingerprint characterisation and identification. Today, much of the research focus in biometrics has been directed toward improving the input transducer and the quality of the biometric input data. Fingerprint characterization is well known and can involve many aspects of fingerprint analysis. The analysis of fingerprints is discussed in the following references which are hereby incorporated by reference:
Xiao Qinghan and Bian Zhaoqi,: An approach to Fingerprint Identification By Using the Attributes of Feature Lines of Fingerprint," IEEE Pattern Recognition, pp 663, 1986; PA1 C. B. Shelman, "Fingerprint Classification--Theory and Application," Proc. 76 Carnahan Conference on Electronic Crime Countermeasures, 1976; PA1 Feri Pernus, Stanko Kovacic, and Ludvik Gyergyek, "Minutaie Based Fingerprint Registration," IEEE Pattern Recognition, pp 1380, 1980; PA1 J. A. Ratkovic, F. W. Blackwell, and H. H. Bailey, "Concepts for a Next Generation Automated Fingerprint System," Proc. 78 Carnahan Conference on Electronic Crime Countermeasures, 1978; PA1 K. Millard, "An approach to the Automatic Retrieval of Latent Fingerprints," Proc. 75 Carnahan Conference on Electronic Crime Countermeasures, 1975; PA1 Moayer and K. S. Fu, "A Syntactic Approach to Fingerprint Pattern Recognition," Memo Np. 73-18, Purdue University, School of Electrical Engineering, 1973; PA1 Wegstein, An Automated Fingerprint Identification System, NBS special publication, U.S. Department of Commerce/National Bureau of Standards, ISSN 0083-1883; no. 500-89, 1982; Moenssens, Andre A., Fingerprint Techniques, Chilton Book Co., 1971; and, PA1 Wegstein and J. F. Rafferty, The LX39 Latent Fingerprint Matcher, NBS special publication, U.S. Department of Commerce/National Bureau of Standards; no. 500-36, 1978. PA1 a housing; PA1 a biometric information input means disposed within the housing for capturing biometric data and providing a first signal in dependence thereon; PA1 a peripheral card interface disposed within the housing for interfacing with the peripheral card and for receiving the first signal and providing same to the peripheral card; data transfer means for providing data in dependence upon the captured biometric data to the computer; and PA1 means for receiving a second signal from the peripheral card and providing the second signal to the data transfer means. PA1 a housing; PA1 a transducer disposed within the housing for capturing biometric information and converting the biometric information into a first signal; PA1 a peripheral card interface disposed within the housing for accepting a peripheral card; PA1 means for providing the first signal to the peripheral card interface; and PA1 data transfer means for receiving the first signal and coupled with the peripheral card interface for receiving a second signal therefrom and for transmitting a signal dependent upon one of the first signal and the second signal from the device to the system. PA1 providing biometric information to the transducer; PA1 detecting a presence of a peripheral card interfaced with the peripheral card interface; PA1 if a peripheral card is detected, using the peripheral card, transforming the data into a first signal and providing the first signal to the data transfer means; PA1 if a peripheral card is not detected, providing a different signal based on the data to the data transfer means; PA1 transmitting the signal received by the data transfer means to the computer. PA1 a housing; PA1 a transducer disposed within the housing for capturing biometric information and converting the biometric information into a first signal; PA1 a peripheral card interface disposed within the housing for accepting a peripheral card; PA1 means for providing the first signal to the peripheral card interface; PA1 means for receiving a second other signal from the peripheral card interface; PA1 means for detecting a peripheral card interfacing with the peripheral card interface and for providing an indication of a presence or an absence of the peripheral card; PA1 data transfer means for receiving at least one of the first signal and a second other signal from the peripheral card interface and for transmitting a signal to the system in dependence upon the received signal and the indication.
Of course, other contact imagers such as palm print imagers are also known to exist.